Software Security Austerity - Software Security Debt in Modern Software Development
Offered By: 44CON Information Security Conference via YouTube
Course Description
Overview
Explore software security debt in modern development through this 32-minute conference talk delivered by Ollie Whitehouse at 44CON 2012 in London. Delve into the concept of technical debt and its security implications, understanding how it accrues based on risk and its impact on the software development lifecycle. Learn about latent debt resilience, effective debt management strategies, and the importance of assigning interest rates to security debt. Discover various repayment methods, including new version requirements, severity prioritization, and percentage reduction. Examine debt expiry, debt overhang, and strategic debt restructuring. Consider the consequences of non-repayment and potential bankruptcy scenarios. Gain valuable insights into managing software security austerity and its long-term effects on development processes.
Syllabus
Intro
Technical debt
Security debt.
Security debt-source?
Security debt and SDLS
Accruing debt based on risk
Latent debt resilience
Debt Management
Why we care
Assigning interest rates to security debt
Repayment-New version requirements
Repayment -Severity prioritization
Repayment - Percentage reduction
Debt Expiry
Debt Overhang
Strategic Debt Restructuring
Bankruptcy
Non Repayment - Consequence Planning
Conclusions
Taught by
44CON Information Security Conference
Related Courses
Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld SystemsVanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLPĀ®
Pluralsight